Method and system for detecting fraud in a credit card transaction over the internet

ABSTRACT

A computer-implemented method is disclosed, where first information that is related to a current commercial transaction that is being evaluated for fraud is received, either directly or indirectly, from a consumer through an online service or internet. The computer obtains an internet address from which the first information is received from the consumer. In response to obtaining the internet address, the computer accesses at least one database to obtain a second information on a plurality of commercial transactions that have been previously associated with the internet address from which the first information is received from the consumer. An indication is produced on whether the current commercial transaction is fraudulent based on correlating at least one subset of the second information and at least one subset of the first information.

CROSS-REFERENCE TO RELATED APPLICATIONS

The present application claims the benefit and domestic priority under 35 U.S.C. §120 as a continuation of U.S. patent application Ser. No. 12/175,191, filed Jul. 17, 2008, which is a continuation of prior U.S. patent application Ser. No. 11/168,966, filed Jun. 27, 2005, which is a continuation of U.S. patent application Ser. No. 09/442,106, filed Nov. 17, 1999, now U.S. Pat. No. 7,096,192, which is a continuation of U.S. patent application Ser. No. 08/901,687, filed Jul. 28, 1997, now U.S. Pat. No. 6,029,154, the entire contents of which are hereby incorporated by reference for all purposes as set forth herein.

FIELD OF THE INVENTION

The present invention relates generally to credit card transactions and specifically to detecting fraud in such credit card transactions when ordering and downloading information over the Internet.

BACKGROUND OF THE INVENTION

Credit card transactions are being utilized in a variety of environments. In a typical environment a user provides a merchant with a credit card, and the merchant through various means will verify whether that information is accurate. For example, referring now to FIG. 1, a typical credit card verification system 10 is shown. In such a system, a merchant 12 receives a credit card from the customer 14. The merchant then verifies the credit card information through an automated verification system (“AVS”) 16.

These systems work well in a credit card transaction in which either the customer has a face-to-face meeting with the merchant or the merchant is actually shipping a package or the like to the address of a customer. The verification procedure typically includes receiving at the AVS system address information and identity information. However, when downloading information from an online service or the Internet, the address and identity information are not enough to adequately verify that the customer who is purchasing the goods is actually the owner of the credit card. For example, an individual may have both the name and the address of a particular credit card holder and that information in a normal transaction may be sufficient for authorization of such a transaction. However, in an Internet transaction it is possible to obtain all the correct information related to the particular credit card holder through unscrupulous means, and therefore, be able to fraudulently obtain information.

Accordingly, what is needed is a system and method that overcomes the problems associated with a typical verification system for credit card transactions particularly in the Internet or online services environment. The system should be easily implemented within the existing environment and should also be straightforwardly applied to existing technology. The present invention addresses such a need.

BRIEF DESCRIPTION OF THE DRAWINGS

FIG. 1 is diagram of the prior art verification system for credit card transaction.

FIG. 2 is a verification system in accordance with the present invention.

FIG. 3 is a flow chart of the verification system in accordance with the present invention.

FIG. 4 is a flow chart of the integrated verification system in accordance with the present invention.

DETAILED DESCRIPTION

The present invention relates to a fraud detection method, system and apparatus for use in credit card transaction over online services or the Internet. The following description is presented to enable one of ordinary skill in the art to make and use the invention and is provided in the context of a patent application and its requirements. Various modifications to the preferred embodiment will be readily apparent to those skilled in the art and the generic principles herein may be applied to other embodiments. Thus, the present invention is not intended to be limited to the embodiment shown but is to be accorded the widest scope consistent with the principles and features described herein.

The present invention provides an integrated verification system for credit card transactions over an online service or the Internet. Referring now to FIG. 2, what is shown is a block diagram of a system 100 which would use the verification procedure in accordance with the present invention. System 100 includes, similar to FIG. 1, a customer 102 and a merchant 104. The customer 102 provides the merchant with a credit card, and the merchant then sends information from it to an integrated verification system (“IVS”) 106 which includes a variety of parameters providing consistency, history and other information in an integrated fashion to determine whether the credit card information is valid. The IVS 106 is typically implemented in software for example in a hard disk, floppy disk or other computer-readable medium. In a typical embodiment, when the customer 102 orders a particular piece of software to be downloaded from a merchant 104, the merchant will provide the credit card number, e-mail address and other pertinent information to the IVS 106. The integrated verification system 106 then weights the variety of parameters so as to provide a merchant with a quantifiable indication on whether the credit and transaction is fraudulent. To more clearly describe the operation of a system and method in accordance with the present invention, refer now to the following discussion in conjunction with the accompanying figures.

FIG. 3 shows a simple block diagram for providing an integrated verification of a credit card transaction over the Internet. The IVS 106 includes a controller 212 which receives the credit information from the merchant and then sends that information on to a variety of parameters 202-208. The plurality of parameters operates on the information to provide an indication of whether the transaction is valid. In this embodiment, the plurality of parameters comprises a history check 202, a consistency check 204, an automatic verification system 206 and an Internet identification verification system (“IIVS”) 208. The output or individual indications of validity of these parameters are provided to fraud detector 210. The fraud detector 210 combines these inputs to provide an integrated indication of whether the particular transaction is valid.

Consistency check 204 allows IVS 106 to determine whether the credit information is consistent, i.e., does the credit information match the user and other information. AVS system 206 provides similar information as AVS 16 described in FIG. 1. A key feature of both the history database 222 and the Internet ID database 224 is that they can be accessed and the information there within can be supplemented by a variety of other merchants and, therefore, information from those merchants is obtainable thereby.

History check 202 is provided which also accesses a history database 222 which may include card number and email information. The history check 202 will also actively determine if the particular transaction matches previous database information within the history database 222. Therefore, the Internet ID verification system 208 and history check 202 increases in utility over time. The Internet ID verification system 208 provides for a system for verifying the validity of an Internet address, the details of which will be discussed hereinafter. The Internet identification verification system 208 similar to the history check 202 includes a database 224, which can be added to by other merchants.

In addition, the Internet identification verification system 208 accesses and communicates with a database of Internet addresses. This system will be used to verify whether the Internet address is consistent with other Internet addresses being used in transactions utilizing this credit card.

These different parameters are weighted via weighting blocks 214-220, respectively, dependent upon the particular credit card transaction. For example, if the amount of dollar transaction is critical, it may be appropriate for the history check 202 and AVS system 206 to be weighted more critically than the other parameters. On the other hand, if a critical point is the consistency of the Internet address, then the consistency check 204 and the Internet identification system 208 may be more critical. Accordingly, each of the verification parameters 202-208 may be weighted in different amounts depending upon its importance in the verification process.

A particularly important feature of the present invention is the Internet identification system 208 and its operation within the integrated verification system 106. Through this system 208, it is possible to quickly determine if an Internet identification address is being utilized fraudulently. To describe this feature in more detail, refer now to FIG. 4 and the accompanying discussion.

FIG. 4 is a flow chart of the Internet identification verification system 208. The goal of Internet identification verification system 208 is to determine whether the physical address or the physical location of the address compares to a previous physical location that was used for that particular Internet address. Accordingly, in the flow chart of FIG. 4, first the number of transactions that had been processed using that particular Internet address is obtained from the database 224, via step 302. Thereafter, a map of those transactions is constructed based on those obtained transactions, via step 304. Finally, the constructed map is used to determine if the new credit card transaction is valid, via step 306. Accordingly, through a system and method in accordance with this system, an Internet identification verification system is provided which can quickly and easily determine whether a particular Internet address is related to a particular credit card transaction.

Accordingly, what is provided is a system and method for accurately determining whether a particular credit card transaction is a fraudulent one. The integrated verification system in accordance with the present invention provides for weighting the variety of parameters so as to provide a merchant with a quantifiable indication on whether the credit and transaction is fraudulent.

Although the present invention has been described in accordance with the embodiments shown, one of ordinary skill in the art will recognize that there could be variations to the embodiment and those variations would be within the spirit and scope of the present invention. Therefore, although the present invention was described in terms of a particular verification system, one of ordinary skill in the art readily recognizes, that any number of parameters can be utilized and their use would be within the spirit and scope of the present invention. Accordingly, many modifications may be made by one of ordinary skill without departing from the spirit and scope of the present invention, the scope of which is defined by the following claims. 

1. A computer-implemented method comprising: receiving, either directly or indirectly from a consumer through an online service or internet, a first information that is related to a current commercial transaction that is being evaluated for fraud, wherein the first information includes credit card information; obtaining an internet address from which the first information is received from the consumer; in response to obtaining the internet address accessing at least one database to obtain a second information on a plurality of commercial transactions that have been previously associated with the internet address from which the first information is received from the consumer; and producing an indication on whether the current commercial transaction is fraudulent based on correlating at least one subset of the second information and at least one subset of the first information.
 2. The computer-implemented method of claim 1, wherein the second information accessed from the at least one database is aggregated from a plurality of merchants over time.
 3. The computer-implemented method of claim 1, further comprising applying a plurality of parameters to the at least one subset of the first information for analyzing the at least one subset of the first information for fraud.
 4. The computer-implemented method of claim 3, further comprising weighting the plurality of parameters based on relative importance of a respective parameter as determined by characteristics of the current commercial transaction that is being evaluated for fraud.
 5. The computer-implemented method of claim 3, further comprising combining information from application of the plurality of parameters to the at least one subset of the first information for producing the indication on whether the current commercial transaction is fraudulent.
 6. The computer-implemented method of claim 3, wherein the plurality of parameters includes at least an internet identification verification parameter for determining if the internet address from which the first information is received from the consumer is associated with fraud.
 7. The computer-implemented method of claim 1, wherein the first information further includes at least: email address of the consumer, and shipping address.
 8. The computer-implemented method of claim 1, further comprising determining whether the internet address is consistent with one or more internet addresses being used in commercial transactions utilizing the credit card information.
 9. A computer system comprising: at least one database of internet addresses and corresponding commercial transactions; at least one internet identification verification component that is in communication with the at least one database of internet addresses and corresponding commercial transactions; wherein the at least one internet identification verification component is operable to create a correlation between information on past commercial transactions and a respective internet address of a consumer associated with a current commercial transaction that is being evaluated for fraud; and at least one fraud detection component that is operable to create an integrated indication of whether the current commercial transaction is fraudulent based on at least the correlation created by the at least one internet identification verification component.
 10. The system of claim 9, further comprising a controller that is operable for receiving through the internet from the consumer associated with the current commercial transaction, information related to the current commercial transaction including credit card information and the respective internet address of the consumer.
 11. The system of claim 9, further comprising a plurality of parameter components other than the at least one internet identification verification component for checking at least one subset of parameters from a plurality of parameters based on characteristics of the current commercial transaction.
 12. The system of claim 11, wherein the plurality of parameters is weighted based on a predetermined set of criteria triggered by one or more characteristics of the current commercial transaction.
 13. The system of claim 11, wherein the plurality of parameter components and the at least one internet identification verification component have access to information, aggregated from a plurality of merchants over time, on commercial transactions including corresponding internet address information of the consumer.
 14. The system of claim 11, wherein the at least one fraud detection component receives input from at least a subset of the plurality of parameter components.
 15. A system comprising: at least one controller for receiving, either directly or indirectly, from a consumer through an online service or internet, a first information that is related to a current commercial transaction that is being evaluated for fraud and an internet address from which the first information is received, wherein the first information includes credit card information; at least one internet identification verification component, wherein the at least one internet identification verification component is operable to create a correlation between the first information and a second information on a plurality of commercial transactions that have been previously associated with the internet address from which the first information is received; and at least on fraud detection component for producing an indication on whether the current commercial transaction is fraudulent based on at least the correlation between the first information and a second information on a plurality of commercial transactions that have been previously associated with the internet address from which the first information is received.
 16. The system of claim 15, further comprising at least one database for storing at least the second information on a plurality of commercial transactions that have been previously associated with the internet address from which the first information is received.
 17. The system of claim 15, further comprising at least one database for storing internet addresses and corresponding commercial transactions.
 18. The system of claim 15, further comprising a plurality of parameter components other than the at least one internet identification verification component for checking at least one subset of parameters from a plurality of parameters based on characteristics of the current commercial transaction, and wherein the plurality of parameter components and the at least one internet identification verification component have access to information, aggregated from a plurality of merchants over time, on commercial transactions including corresponding internet address information of the consumer.
 19. The system of claim 18, wherein the plurality of parameters is weighted based on a predetermined set of criteria triggered by one or more characteristics of the current commercial transaction.
 20. The system of claim 18, wherein the at least one fraud detection component receives input from at least a subset of the plurality of parameter components. 